Javacard J2A040: changing default key with GPShell script does not work

I want to change the default key, but the script below returns 6A80 in GPShell.

mode_211 
enable_trace 
establish_context 
card_connect 
select -AID A000000003000000 
open_sc -scp 2 -scpimpl 0x15 -security 1 -keyind 0 -keyver 0 -mac_key 404142434445464748494A4B4C4D4E4F -enc_key 404142434445464748494A4B4C4D4E4F // Open secure channel
put_sc_key  -keyver 0 -newkeyver 1 -mac_key 404142434445464748494A4B4C4D4E4E -enc_key 404142434445464748494A4B4C4D4E4E -kek_key 404142434445464748494A4B4C4D4E4E  -current_kek 404142434445464748494A4B4C4D4E4F 
card_disconnect 
release_context

pyResMan

What is wrong?

My J2A040 is pre-personalised but not fused and not protected.

Thanks for your help

0
k_o_ On
put_sc_key  -keyver 0 -newkeyver 1 -mac_key 404142434445464748494A4B4C4D4E4E -enc_key 404142434445464748494A4B4C4D4E4E -kek_key 404142434445464748494A4B4C4D4E4E  -current_kek 404142434445464748494A4B4C4D4E4F

is creating a new key. Because the key in key set version 1 already exists, the command fails. To replace a key, use this syntax:

put_sc_key  -keyver 1 -newkeyver 1 -mac_key 404142434445464748494A4B4C4D4E4E -enc_key 404142434445464748494A4B4C4D4E4E -kek_key 404142434445464748494A4B4C4D4E4E  -current_kek 404142434445464748494A4B4C4D4E4F

If this fails, it would be interesting for me to know if adding a new key set version works. Please try (adding key set version 2):

put_sc_key  -keyver 0 -newkeyver 2 -mac_key 404142434445464748494A4B4C4D4E4E -enc_key 404142434445464748494A4B4C4D4E4E -kek_key 404142434445464748494A4B4C4D4E4E  -current_kek 404142434445464748494A4B4C4D4E4F

I think I have some issues left in the code; I'm currently investigating this, and your support could be helpful here. Are you using the latest binaries release for Windows / Homebrew?
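An added example (not from the original post and not GPShell's own code): a Python decoder for the PUT KEY APDU that `enable_trace` prints, assuming the GlobalPlatform layout in which P1 carries the existing key version (`-keyver`, where 0 means add) and the first data byte carries the new version (`-newkeyver`). The sample APDUs are constructed placeholders, not real encrypted key material.

```python
# Added example: decode the header and key blocks of a GlobalPlatform PUT KEY APDU.

def parse_put_key(apdu_hex):
    """Return what a PUT KEY command asks the card to do."""
    apdu = bytes.fromhex(apdu_hex)
    cla, ins, p1, p2, lc = apdu[:5]
    if ins != 0xD8:
        raise ValueError("not a PUT KEY command (INS must be D8)")
    data = apdu[5:5 + lc]
    if len(data) != lc:
        raise ValueError("Lc does not match the data length")
    if cla & 0x04:                      # secure messaging: last 8 bytes are the C-MAC
        data = data[:-8]
    info = {
        "existing_version": p1 & 0x7F,  # GPShell -keyver
        "action": "add" if (p1 & 0x7F) == 0 else "replace",
        "first_key_index": p2 & 0x7F,
        "multiple_keys": bool(p2 & 0x80),
        "new_version": data[0],         # GPShell -newkeyver
        "keys": [],
    }
    pos = 1
    while pos < len(data):
        if pos + 2 > len(data):
            raise ValueError("truncated key block")
        ktype, klen = data[pos], data[pos + 1]
        key = data[pos + 2:pos + 2 + klen]
        pos += 2 + klen
        if pos >= len(data):
            raise ValueError("missing key check value")
        kcv_len = data[pos]
        kcv = data[pos + 1:pos + 1 + kcv_len]
        pos += 1 + kcv_len
        if len(key) != klen or len(kcv) != kcv_len:
            raise ValueError("truncated key block")
        info["keys"].append({"type": ktype, "enc_key": key.hex(), "kcv": kcv.hex()})
    return info

def build_sample(p1, new_version):
    """Constructed APDU: three DES key blocks (type 80) filled with placeholder bytes."""
    block = bytes([0x80, 0x10]) + bytes(range(16)) + bytes([0x03, 0xAA, 0xBB, 0xCC])
    data = bytes([new_version]) + block * 3
    return (bytes([0x80, 0xD8, p1, 0x81, len(data)]) + data).hex()

if __name__ == "__main__":
    print(parse_put_key(build_sample(0, 2)))   # -keyver 0 -newkeyver 2
    print(parse_put_key(build_sample(1, 1)))   # -keyver 1 -newkeyver 1
```
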

1
andromeda92 On

This script works for me now:

mode_211 
enable_trace 
establish_context 
card_connect 
select -AID A000000003000000 
open_sc -scp 2 -scpimpl 0x15 -security 1 -keyind 0 -keyver 0 -key 404142434445464748494A4B4C4D4E4F -mac_key 404142434445464748494A4B4C4D4E4F -enc_key 404142434445464748494A4B4C4D4E4F -kek_key 404142434445464748494A4B4C4D4E4F // Open secure channel
put_sc_key  -keyver 1 -newkeyver 0 -mac_key 404142434445464748494A4B4C4D4E4E -enc_key 404142434445464748494A4B4C4D4E4E -kek_key 404142434445464748494A4B4C4D4E4E  -current_kek 404142434445464748494A4B4C4D4E4F 
card_disconnect 
release_context

With this:

put_sc_key  -keyver 0 -newkeyver 2 -mac_key 404142434445464748494A4B4C4D4E4E -enc_key 404142434445464748494A4B4C4D4E4E -kek_key 404142434445464748494A4B4C4D4E4E  -current_kek 404142434445464748494A4B4C4D4E4F

It works too. But what I actually want is to replace the 3 default keys (S-ENC, S-MAC, DEK) and not add new keys; now I have 3 new keys with version 2, look at the picture.

Picture from new version 2 key pyResMan

Now, how do I delete the keys for version 2?